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Ryan Breen 

August 2003 Linux Journal, volume 2003 issue 112 
Publisher: Specialized Systems Consultants, Inc. 

Full text available: jg] html(25.27 KB) Additional Information: full citation , abstract 

Need to make a secure connection from home? Set up a simple virtual private network? 

Operating systems security: Attestation-based policy enforcement for remote access Q 

Reiner Sailer, Trent Jaeger, Xiaolan Zhang, Leendert van Doom 

October 2004 Proceedings of the 11th ACM conference on Computer and 

communications security 
Publisher: ACM Press 

Full text available: ^ pdf(261.52 KB) Additional Information: full citation , abstract , references , index terms 

Intranet access has become an essential function for corporate users. At the same time, 
corporation's security administrators have little ability to control access to corporate data 
once it is released to remote clients. At present, no confidentiality or integrity guarantees 
about the remote access clients are made, so it is possible that an attacker may have 
compromised a client process and is now downloading or modifying corporate data. Even 
though we have corporate-wide access control over ... 
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3 Security: Enhancing the security of corporate Wi-Fi ntworks using PAIR 
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Wolman, Brian Zill 

June 2006 Proceedings of the 4th international conference on Mobile systems, 
applications and services MobiSys 2006 

Publisher: ACM Press 

Full text available: pdf(302.26 KB) Additional Information: full citation , abstract , references , index terms 

We present a framework for monitoring enterprise wireless networks using desktop 
infrastructure. The framework is called DAIR, which is short for Dense Array of 
Inexpensive Radios. We demonstrate that the DAIR framework is useful for detecting 
rogue wireless devices (e.g., access points) attached to corporate networks, as well as for 
detecting Denial of Service attacks on Wi-Fi networks. Prior proposals in this area include 
monitoring the network via a combination of access points (APs), m ... 
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4 Generating firewall rules with p erl 
Mike Diehl 

March 2006 Linux Journal volume 2006 issue 143 
Publisher: Specialized Systems Consultants, Inc. 

Full text available: g) html(21.20 KB) Additional Information: full citation , abstract , index terms 
A Perl alternative to those tired of tweaking firewall rules by hand. 

5 A firewall configuration strategy for the protection of computer networked labs in a 
college settin g 

Dennis Guster, Charles Hail 

October 2001 Journal of Computing Sciences in Colleges, volume 17 issue 1 
Publisher: Consortium for Computing Sciences in Colleges 
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6 Policy routing for fun and profit 
David Mandelstam, Nenad Corbie 
May 2004 Linux Journal, volume 2004 issue 121 
Publisher: Specialized Systems Consultants, Inc. 

Full text available: ffi] html ( 21.73 KB ) Additional Information: full citation , abstract 

A bargain Net connection gets expensive over its traffic limit. Routing mastery will keep 
bills in check and Net performance snappy. 



7 Network security laboratories usin g SmoothWall 
Jason Kretzer, Charles E. Frank 

October 2005 Journal of Computing Sciences in Colleges, volume 21 issue 1 
Publisher: Consortium for Computing Sciences in Colleges 

Full text available: ^j|| pdf(186.31 KB) Additional Information: full citation , abstract , references , index terms 

Smooth Wall Express [12] is a free GPL firewall. It uses iptables [20] for firewall rules and 
Snort [14] as an intrusion detection system (IDS). This paper describes the installation of 
Smooth Wall. It presents sample SmoothWall laboratory exercises for teaching network 
security using iptables and Snort. 



8 Smart wireless association: Improved access point selection 

Anthony J. Nicholson, Yatin Chawathe, Mike Y. Chen, Brian D. Noble, David Wetherall 
June 2006 Proceedings of the 4th international conference on Mobile systems, 

applications and services MobiSys 2006 
Publisher: ACM Press 

Full text available: ^| pdf(451.33 KB) Additional Information: full citation , abstract , references , index terms 

This paper presents Virgil, an automatic access point discovery and selection system. 
Unlike existing systems that select access points based entirely on received signal 
strength, Virgil scans for all available APs at a location, quickly associates to each, and 
runs a battery of tests to estimate the quality of each AP's connection to the Internet. 
Virgil also probes for blocked or redirected ports, to guide AP selection in favor of 
preserving application services that are currently in use. Resu ... 

Keywords: 802.11, access point selection, opportunistic connectivity, public networks, 
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Paranoid penguin: Linux VPN technologies 
Mick Bauer 

February 2005 Linux Journal, volume 2005 issue 130 
Publisher: Specialized Systems Consultants, Inc. 

Full text available: g) html(20.94 KB) Additional Information: full citation , abstract , index terms 



10 Review: Sna pg ear lite: an inex pen sive home office/small office fi rewall and VPN 
client 

Alan Zeichick 

April 2002 Linux Journal, volume 2002 issue 96 
Publisher: Specialized Systems Consultants, Inc. 

Full text available: g| htmlf11.74 KB) Additional Information: full citation , index terms 



11 Firmato: A novel firewall management toolkit 
Yair Bartal, Alain Mayer, Kobbi Nissim, Avishai Wool 

November 2004 ACM Transactions on Computer Systems (TOCS), volume 22 issue 4 
Publisher: ACM Press 

Full text available: ^g| pdf(917.80 KB) Additional Information: full citation , abstract , references , index terms 

In recent years packet-filtering firewalls have seen some impressive technological 
advances (e.g., stateful inspection, transparency, performance, etc.) and wide-spread 
deployment. In contrast, firewall and security <i>management</i> technology is lacking. 
In this paper we present <i>Firmato</i>, a firewall management toolkit, with the 
following distinguishing properties and components: (1) an entity-relationship model 
containing, in a unified form, global knowledge of the sec ... 

Keywords: Security policy, firewall, management, model definition language, 
visualization 
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May 2000 Linux Journal 

Publisher: Specialized Systems Consultants, Inc. 

Full text available: g) html(17.64 KB) Additional Information: full citation , index terms 
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Mick Bauer 

February 2003 Linux Journal, volume 2003 issue 106 
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Katsube, Yoshihiro Ohba, Henning Schulzrinne 

July 2005 ACM SIGMOBILE Mobile Computing and Communications Review, volume 9 

Issue 3 
Publisher: ACM Press 

Full text available: ||| pdf(1.47 MB ) Additional Information: full citation , abstract , references , index terms 

The advent of the mobile wireless Internet has created the need for seamless and secure 
communication over heterogeneous access networks such as IEEE 802,11, WCDMA, 
cdma2000, and GPRS. An enterprise user desires to be reachable while outside one's 
enterprise networks and requires minimum interruption while ensuring that the signaling 
and data traffic is not compromised during one's movement within the enterprise and 
between enterprise and external networks. We describe the design, implementation ... 

15 Secure virtual private networks: the future of data communications 
Eli Herscovitz 

August 1999 International Journal of Network Management, volume 9 issue 4 
Publisher: John Wiley & Sons, Inc. 

Full text available: pdf(230.05 KB) Additional Information: full citation , abstract , index terms 

The Internet is an almost ideal means for information retrieval and exchange, It is cost- 
effective, easy to use and easily accessible. However, it can also be susceptible to devious 
practices such as data tempering, eavesdropping and theft. This paper analyses secure 
virtual private networks &lpar;VPNs&rpar; and their use in countering the problems of the 
Internet. Copyright © 1999 John Wiley & Sons, Ltd. 
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16 Mobilit y, roaming, and handoff: Secure universal mobility for wireless internet 
Ashutosh Dutta, Tao Zhang, Sunil Madhani, Kenichi Taniuchi, Kensaku Fujimoto, Yasuhiro 
Katsube, Yoshihiro Ohba, Henning Schulzrinne 

October 2004 Proceedings of the 2nd ACM international workshop on Wireless mobile 
applications and services on WLAN hotspots 

Publisher: ACM Press 

Full text available: ^ [pdf(1.10 MB) Additional Information: full citation , abstract , references , index terms 

The advent of the mobile wireless Internet has created the need for seamless and secure 
communication over heterogeneous access networks such as IEEE 802.11, WCDMA, 
cdma2000, and GPRS. An enterprise user desires to be reachable while outside one's 
enterprise networks and requires minimum interruption while ensuring that the signaling 
and data traffic is not compromised during one's movement within the enterprise and 
between enterprise and external networks. We describe the design, implementat ... 

Keywords: 802.11, handoff, hot spot, mobile IP, mobility, security 




17 Network pointers Q 
vgjv Christian Tschudin, Richard Gold 

V January 2003 ACM SIGCOMM Computer Communication Review, volume 33 issue l 
Publisher: ACM Press 

Full text available: ^ pdf (270,95 KB) Additional Information: full citation , abstract , references , index terms 

The Internet architecture can be characterized as having a rather coarse grained and 
imperative style of network packet handling: confronted with an IP packet and its source 
and destination addresses, the infrastructure almost blindly and unalterably executes 
hundreds of resolution, routing and forwarding decisions. There are numerous attempts 
that try to "extend" the Internet in order to either reduce the immediate impact an 
arbitrary packet can have (e.g., NAT), or to insert diversions from th ... 
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control system for mobile wireless access to secured domains 
Jiejun Kong, Shirshanka Das, Edward Tsai, Mario Gerla 

September 2003 Proceedings of the 2003 ACM workshop on Wireless security 
Publisher: ACM Press 

Full text available: ^ pdf(401.72 KB) Additional Information: full citation , abstract , references , index terms 

In this work we design and implement ESCORT, a backward compatible, efficient, and 
secure access control system, to facilitate mobile wireless access to secured wireless 
LANs. In mobile environments, a mobile guest may frequently roam into foreign domains 
while demanding critical network services. ESCORT provides instant yet secure access to 
the mobile guest based on the concept of "escort", which refers to a special network 
object with four distinct properties: (1) T ... 

Keywords: decentralized access control, identity privacy, location privacy, mobile 
privacy, wireless security 



19 E-commerce: Assessing the scalability of component-based frameworks: the 
^ CADENUS case study 

^ S. D'Antonio, M. Esposito, S. P. Romano, G. Ventre 

December 2004 ACM SIGMETRICS Performance Evaluation Review, Volume 32 issue 3 

Publisher: ACM Press 

Full text available: ||] pdf(1 .0 5 MB) Additional Information: full citation , abstract , references 

This paper proposes an approach to scalability analysis of component-based systems. A 
theoretical model of the orchestrated behavior of a system's components is developed and 
potential bottlenecks are identified. The model is derived by performing an analysis of the 
average number of messages that each involved entity has to deal with, i.e. receive, 
elaborate and possibly forward. By appropriately setting the various model parameters, it 
is possible to evaluate a system's behavior in a number of ... 

Keywords: mediation, network protocols, probability theory, queuing networks, 
scalability 
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# David Breen, Ron Fedkiw, Ken Museth, Stanley Osher, Guillermo Sapiro, Ross Whitaker 
August 2004 Proceedings of the conference on SIGGRAPH 2004 course notes GRAPH 
•04 

Publisher: ACM Press 

Full text available: ^ pdf(17.07 MB) Additional Information: full citation , abstract 

Level set methods, an important class of partial differential equation (PDE) methods, 
define dynamic surfaces implicitly as the level set (iso-surface) of a sampled, evolving nD 
function. The course begins with preparatory material that introduces the concept of using 
partial differential equations to solve problems in computer graphics, geometric modeling 
and computer vision. This will include the structure and behavior of several different types 
of differential equations, e.g. the level set eq ... 
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